Commit ec20e143 authored by Geliang Tang's avatar Geliang Tang Committed by Jakub Kicinski

mptcp: add a new helper subflow_req_create_thmac

This patch adds a new helper named subflow_req_create_thmac, which is
extracted from subflow_token_join_request. It initializes subflow_req's
local_nonce and thmac fields, those are the more expensive to populate.
Signed-off-by: default avatarGeliang Tang <geliangtang@gmail.com>
Signed-off-by: default avatarMat Martineau <mathew.j.martineau@linux.intel.com>
Signed-off-by: default avatarJakub Kicinski <kuba@kernel.org>
parent b5e2e42f
...@@ -64,10 +64,23 @@ static bool mptcp_can_accept_new_subflow(const struct mptcp_sock *msk) ...@@ -64,10 +64,23 @@ static bool mptcp_can_accept_new_subflow(const struct mptcp_sock *msk)
} }
/* validate received token and create truncated hmac and nonce for SYN-ACK */ /* validate received token and create truncated hmac and nonce for SYN-ACK */
static void subflow_req_create_thmac(struct mptcp_subflow_request_sock *subflow_req)
{
struct mptcp_sock *msk = subflow_req->msk;
u8 hmac[SHA256_DIGEST_SIZE];
get_random_bytes(&subflow_req->local_nonce, sizeof(u32));
subflow_generate_hmac(msk->local_key, msk->remote_key,
subflow_req->local_nonce,
subflow_req->remote_nonce, hmac);
subflow_req->thmac = get_unaligned_be64(hmac);
}
static struct mptcp_sock *subflow_token_join_request(struct request_sock *req) static struct mptcp_sock *subflow_token_join_request(struct request_sock *req)
{ {
struct mptcp_subflow_request_sock *subflow_req = mptcp_subflow_rsk(req); struct mptcp_subflow_request_sock *subflow_req = mptcp_subflow_rsk(req);
u8 hmac[SHA256_DIGEST_SIZE];
struct mptcp_sock *msk; struct mptcp_sock *msk;
int local_id; int local_id;
...@@ -84,13 +97,6 @@ static struct mptcp_sock *subflow_token_join_request(struct request_sock *req) ...@@ -84,13 +97,6 @@ static struct mptcp_sock *subflow_token_join_request(struct request_sock *req)
} }
subflow_req->local_id = local_id; subflow_req->local_id = local_id;
get_random_bytes(&subflow_req->local_nonce, sizeof(u32));
subflow_generate_hmac(msk->local_key, msk->remote_key,
subflow_req->local_nonce,
subflow_req->remote_nonce, hmac);
subflow_req->thmac = get_unaligned_be64(hmac);
return msk; return msk;
} }
...@@ -186,6 +192,8 @@ static int subflow_init_req(struct request_sock *req, ...@@ -186,6 +192,8 @@ static int subflow_init_req(struct request_sock *req,
if (!subflow_req->msk) if (!subflow_req->msk)
return -EPERM; return -EPERM;
subflow_req_create_thmac(subflow_req);
if (unlikely(req->syncookie)) { if (unlikely(req->syncookie)) {
if (mptcp_can_accept_new_subflow(subflow_req->msk)) if (mptcp_can_accept_new_subflow(subflow_req->msk))
subflow_init_req_cookie_join_save(subflow_req, skb); subflow_init_req_cookie_join_save(subflow_req, skb);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment